
=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN290
_____________________________________________________________________

DATE                : 12/03/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running FortiManager versions
                     prior to 7.4.3 or 7.2.11.

=====================================================================
https://fortiguard.fortinet.com/psirt/FG-IR-26-098
_____________________________________________________________________

Buffer overflow via fgtupdates service

Summary

A Stack-based Buffer Overflow vulnerability [CWE-121] in FortiManager
fgtupdates service may allow a remote unauthenticated attacker to
execute unauthorized commands via crafted requests, if the service
is enabled. The success of the attack depends on the ability to
bypass the stack protection mechanisms.


Version            Affected               Solution
-----------------  ---------------------  ---------------------------
FortiManager 7.6   Not affected           Not Applicable
FortiManager 7.4   7.4.0 through 7.4.2    Upgrade to 7.4.3 or above
FortiManager 7.2   7.2.0 through 7.2.10   Upgrade to 7.2.11 or above
FortiManager 6.4   6.4 all versions       Migrate to a fixed release

FortiManager Cloud is not affected by this vulnerability.


Workaround:
If active, disable the "fgtupdates" service.

config system interface
edit <portID>
set serviceaccess <service>
end

Where <service> is not "fgtupdates".

https://docs.fortinet.com/document/fortimanager/7.4.2/administration-guide/581288/configure-a-fortimanager-without-internet-connectivity-to-access-a-local-fortimanager-as-fds
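A triage helper for this advisory, added here as an example (it is not Fortinet's or CERT-Renater's code): it checks a FortiManager version string against the affected ranges in the table above and scans a "config system interface" dump for ports whose serviceaccess list includes fgtupdates, which is the condition the workaround tells you to remove. The sample dump is constructed; the second service name (webfilter-antispam) and the quoted port names are assumed from FortiManager CLI syntax.

```python
import re

# Affected ranges from the advisory table, keyed by branch (major, minor):
# (first affected, last affected); None means every release of the branch.
AFFECTED = {
    (7, 4): ((7, 4, 0), (7, 4, 2)),    # fixed in 7.4.3
    (7, 2): ((7, 2, 0), (7, 2, 10)),   # fixed in 7.2.11
    (6, 4): ((6, 4, 0), None),         # all 6.4: migrate to a fixed release
}

def parse_version(text):
    """'7.4.2' -> (7, 4, 2); numeric tuples compare correctly, unlike strings ('7.4.10' < '7.4.2')."""
    nums = tuple(int(p) for p in text.strip().split("."))
    return nums + (0,) * (3 - len(nums))

def is_affected(version):
    """True if the given FortiManager version falls in an affected range."""
    v = parse_version(version)
    rng = AFFECTED.get(v[:2])
    if rng is None:            # e.g. 7.6 is listed as not affected
        return False
    lo, hi = rng
    return v >= lo and (hi is None or v <= hi)

def interfaces_with_fgtupdates(config_text):
    """Return port IDs whose 'set serviceaccess' list includes fgtupdates.
    Assumes the CLI dump shape shown in the workaround (edit <port> ... next)."""
    exposed, port = [], None
    for raw in config_text.splitlines():
        line = raw.strip()
        m = re.match(r'edit\s+"?([^"\s]+)"?$', line)
        if m:
            port = m.group(1)
        elif line.startswith("set serviceaccess") and port is not None:
            if "fgtupdates" in line.split()[2:]:
                exposed.append(port)
    return exposed

# Constructed sample dump: port1 exposes fgtupdates, port2 does not.
SAMPLE_CONFIG = """\
config system interface
    edit "port1"
        set serviceaccess fgtupdates webfilter-antispam
    next
    edit "port2"
        set serviceaccess webfilter-antispam
    next
end
"""
```

Run is_affected() against the output of "get system status" and interfaces_with_fgtupdates() against "show system interface" to decide whether to upgrade, apply the workaround, or both.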


Acknowledgement
Fortinet is pleased to thank catalpa from Dbappsecurity Co.,
Ltd. for reporting this vulnerability under responsible
disclosure.


Timeline
2026-03-10:     Initial publication
IR Number       FG-IR-26-098
Published Date  Mar 10, 2026
Component       OTHERS
Severity        High
CVSSv3 Score    7.0
Impact          Execute unauthorized code or commands
CVE ID          CVE-2025-54820

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================